Secure microcontrollers and other similar computer systems may be subject to external attack. Such attacks typically aim to control circuit behavior and extract sensitive information. Because program memories are easy to localize on silicon and are typically important to the security of the system, program memories are also typically targets of external attack. Consequently, conventional methods for protecting such memories are used to protect against such attacks.
FIG. 1 depicts a conventional computer system 10, such as a microcontroller, that is protected against external attacks in a conventional manner. The conventional computer system 10 is depicted as including a conventional system central processing unit (CPU) 12, a conventional program memory 14, and a conventional checker 20 that outputs a strategy 26. Although only these components are depicted, the conventional computer system 10 typically includes other components that, for clarity, are not shown. The conventional program memory 14 is depicted as including a conventional word 16 and a corresponding parity bit 18. The program memory data output includes the n-bit data word 16 and a corresponding parity bit 18, which is calculated for each program memory location and stored at the same memory address. The n-bit data word typically includes CPU instructions which are stored to be fetched at some later time by the CPU 12. Although only a single conventional word 16 and a single parity bit 18 are shown, one of ordinary skill in the art will readily recognize that the conventional program memory 14 typically includes other data words that are not separately indicated for simplicity. The conventional checker 20 includes a conventional parity bit calculator 22 and a NAND gate 24.
FIG. 2 depicts a conventional method 50 for protecting the conventional computer system 10. For each n-bits of data stored in the conventional program memory 14, a corresponding parity bit 18 is calculated, via step 52. The conventional word 16 is stored in one location in the conventional program memory 14 while the corresponding parity bit 18 is also separately stored in the program memory 14, via step 54. Upon request for program instructions to be extracted, in step 54, the conventional computer system 10 separately provides the conventional word 16 and the parity bit to the checker 20, via step 56. A parity bit is determined from the conventional word 16 using the parity bit calculator 22, via step 58. The parity bit calculated from the conventional word 16 is compared to the corresponding parity bit 18, preferably using the NAND gate 24, via step 60. Based on the comparison, a security strategy 26 may be provided, via step 62. If the comparison performed in step 60 indicates that the parity bits match, then the security strategy 26 may simply include providing the instructions or other data corresponding to the conventional word 16 from the conventional program memory 14 to the conventional system CPU 12. However, if the comparison indicates that the parity bits do not match, then the security strategy 26 may include other actions. For example, a security interrupt, a security reset, or other operation may be performed.
Although the conventional method 50 provides some protection for the conventional system 10, one of ordinary skill in the art will recognize that the conventional method 50 has some drawbacks. For example, the use of the parity bit 18 and the conventional checker 20 does not detect more than a single bit error. Thus, other errors may not be distinguished. In addition, use of the parity bit 18 requires storage of one bit per word 16. Consequently, the size of the entire conventional program memory 14 is increased.
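The following C model is an added illustration, not part of the original text. It reproduces the store and check steps of the conventional method 50 in software and counts how many injected fault patterns pass the parity comparison. The word width of 16 bits, the parity convention, the sample word and all function names are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

#define WORD_BITS 16 /* assumption: n = 16; the page leaves n unspecified */

/* One program memory location: the n-bit word and its stored parity bit. */
struct mem_cell { uint16_t word; uint8_t parity; };

/* Number of set bits in v. */
static int bit_count(uint32_t v) {
    int n = 0;
    for (; v; v >>= 1) n += (int)(v & 1u);
    return n;
}

/* Parity bit calculator: 1 when the word has an odd number of set bits. */
static uint8_t parity_of(uint16_t w) { return (uint8_t)(bit_count(w) & 1); }

/* Steps 52-54: calculate the parity bit and store it with the word. */
static struct mem_cell store_word(uint16_t w) {
    struct mem_cell c = { w, parity_of(w) };
    return c;
}

/* Steps 56-60: recompute parity on fetch and compare with the stored bit.
   Returns 1 when they match, 0 when the security strategy should fire. */
static int check_fetch(struct mem_cell c) { return parity_of(c.word) == c.parity; }

/* Apply every k-bit fault pattern to the stored word and count how many
   corrupted words still pass check_fetch(). */
static unsigned undetected_faults(uint16_t w, int k) {
    struct mem_cell good = store_word(w);
    unsigned missed = 0;
    for (uint32_t mask = 1; mask < (1u << WORD_BITS); mask++) {
        if (bit_count(mask) != k) continue;
        struct mem_cell bad = good;
        bad.word = (uint16_t)(good.word ^ mask);
        if (check_fetch(bad)) missed++;
    }
    return missed;
}

int main(void) {
    uint16_t w = 0xA5C3; /* constructed sample instruction word */
    printf("1-bit faults passing the check: %u\n", undetected_faults(w, 1));
    printf("2-bit faults passing the check: %u\n", undetected_faults(w, 2));
    return 0;
}
```

In this model every one of the 16 single-bit faults is caught, while all 120 two-bit faults on the same word leave the parity unchanged and are fetched as if valid.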
Accordingly, what is needed is an improved method and system for protecting computer systems from external attack. The present invention addresses such a need.